从学术研究转向工业并非易事
我最近接受了采访 银弹播客,由加里·麦格劳主持,我讨论了工业相对于学术研究的优势,为什么在欧洲创业并非易事,以及应用安全行业未来的发展方向。
虽然我从来没有打算创业,但我之所以这样做,是因为我看到太多的公司都在为同样的问题而苦苦挣扎;编写安全代码对大多数开发人员来说是一项挑战。我们整个行业都专注于发现代码中的安全问题,而这些问题堆积如山。
真正专注于有效帮助难以修复所发现问题的组织及其开发团队的解决方案很少,更不用说试图防止代码中引入更多问题了。越来越多的组织意识到这种恶性循环,并意识到他们的开发团队需要从一开始就接受编写安全代码的培训,并且需要为他们配备支持这些代码的工具和流程。
如果你想进一步了解加里·麦格劳和我本人如何看待这个行业的发展,请查看 银弹播客!
节目 139:Matias Madou 讨论安全开发培训和软件安全测试研究
https://www.synopsys.com/software-integrity/resources/podcasts/show-139.html
Matias Madou, Ph.D. is a security expert, researcher, and CTO and co-founder of Secure Code Warrior. Matias obtained his Ph.D. in Application Security from Ghent University, focusing on static analysis solutions. He later joined Fortify in the US, where he realized that it was insufficient to solely detect code problems without aiding developers in writing secure code. This inspired him to develop products that assist developers, alleviate the burden of security, and exceed customers' expectations. When he is not at his desk as part of Team Awesome, he enjoys being on stage presenting at conferences including RSA Conference, BlackHat and DefCon.
Secure Code Warrior可以帮助您的组织在整个软件开发生命周期中保护代码,并营造一种将网络安全放在首位的文化。无论您是 AppSec 经理、开发人员、首席信息安全官还是任何与安全相关的人,我们都可以帮助您的组织降低与不安全代码相关的风险。
预订演示
Matias Madou, Ph.D. is a security expert, researcher, and CTO and co-founder of Secure Code Warrior. Matias obtained his Ph.D. in Application Security from Ghent University, focusing on static analysis solutions. He later joined Fortify in the US, where he realized that it was insufficient to solely detect code problems without aiding developers in writing secure code. This inspired him to develop products that assist developers, alleviate the burden of security, and exceed customers' expectations. When he is not at his desk as part of Team Awesome, he enjoys being on stage presenting at conferences including RSA Conference, BlackHat and DefCon.
Matias is a researcher and developer with more than 15 years of hands-on software security experience. He has developed solutions for companies such as Fortify Software and his own company Sensei Security. Over his career, Matias has led multiple application security research projects which have led to commercial products and boasts over 10 patents under his belt. When he is away from his desk, Matias has served as an instructor for advanced application security training courses and regularly speaks at global conferences including RSA Conference, Black Hat, DefCon, BSIMM, OWASP AppSec and BruCon.
Matias holds a Ph.D. in Computer Engineering from Ghent University, where he studied application security through program obfuscation to hide the inner workings of an application.
我最近接受了采访 银弹播客,由加里·麦格劳主持,我讨论了工业相对于学术研究的优势,为什么在欧洲创业并非易事,以及应用安全行业未来的发展方向。
虽然我从来没有打算创业,但我之所以这样做,是因为我看到太多的公司都在为同样的问题而苦苦挣扎;编写安全代码对大多数开发人员来说是一项挑战。我们整个行业都专注于发现代码中的安全问题,而这些问题堆积如山。
真正专注于有效帮助难以修复所发现问题的组织及其开发团队的解决方案很少,更不用说试图防止代码中引入更多问题了。越来越多的组织意识到这种恶性循环,并意识到他们的开发团队需要从一开始就接受编写安全代码的培训,并且需要为他们配备支持这些代码的工具和流程。
如果你想进一步了解加里·麦格劳和我本人如何看待这个行业的发展,请查看 银弹播客!
节目 139:Matias Madou 讨论安全开发培训和软件安全测试研究
https://www.synopsys.com/software-integrity/resources/podcasts/show-139.html
我最近接受了采访 银弹播客,由加里·麦格劳主持,我讨论了工业相对于学术研究的优势,为什么在欧洲创业并非易事,以及应用安全行业未来的发展方向。
虽然我从来没有打算创业,但我之所以这样做,是因为我看到太多的公司都在为同样的问题而苦苦挣扎;编写安全代码对大多数开发人员来说是一项挑战。我们整个行业都专注于发现代码中的安全问题,而这些问题堆积如山。
真正专注于有效帮助难以修复所发现问题的组织及其开发团队的解决方案很少,更不用说试图防止代码中引入更多问题了。越来越多的组织意识到这种恶性循环,并意识到他们的开发团队需要从一开始就接受编写安全代码的培训,并且需要为他们配备支持这些代码的工具和流程。
如果你想进一步了解加里·麦格劳和我本人如何看待这个行业的发展,请查看 银弹播客!
节目 139:Matias Madou 讨论安全开发培训和软件安全测试研究
https://www.synopsys.com/software-integrity/resources/podcasts/show-139.html
点击下面的链接并下载此资源的PDF。
Secure Code Warrior可以帮助您的组织在整个软件开发生命周期中保护代码,并营造一种将网络安全放在首位的文化。无论您是 AppSec 经理、开发人员、首席信息安全官还是任何与安全相关的人,我们都可以帮助您的组织降低与不安全代码相关的风险。
查看报告预订演示
Matias Madou, Ph.D. is a security expert, researcher, and CTO and co-founder of Secure Code Warrior. Matias obtained his Ph.D. in Application Security from Ghent University, focusing on static analysis solutions. He later joined Fortify in the US, where he realized that it was insufficient to solely detect code problems without aiding developers in writing secure code. This inspired him to develop products that assist developers, alleviate the burden of security, and exceed customers' expectations. When he is not at his desk as part of Team Awesome, he enjoys being on stage presenting at conferences including RSA Conference, BlackHat and DefCon.
Matias is a researcher and developer with more than 15 years of hands-on software security experience. He has developed solutions for companies such as Fortify Software and his own company Sensei Security. Over his career, Matias has led multiple application security research projects which have led to commercial products and boasts over 10 patents under his belt. When he is away from his desk, Matias has served as an instructor for advanced application security training courses and regularly speaks at global conferences including RSA Conference, Black Hat, DefCon, BSIMM, OWASP AppSec and BruCon.
Matias holds a Ph.D. in Computer Engineering from Ghent University, where he studied application security through program obfuscation to hide the inner workings of an application.
我最近接受了采访 银弹播客,由加里·麦格劳主持,我讨论了工业相对于学术研究的优势,为什么在欧洲创业并非易事,以及应用安全行业未来的发展方向。
虽然我从来没有打算创业,但我之所以这样做,是因为我看到太多的公司都在为同样的问题而苦苦挣扎;编写安全代码对大多数开发人员来说是一项挑战。我们整个行业都专注于发现代码中的安全问题,而这些问题堆积如山。
真正专注于有效帮助难以修复所发现问题的组织及其开发团队的解决方案很少,更不用说试图防止代码中引入更多问题了。越来越多的组织意识到这种恶性循环,并意识到他们的开发团队需要从一开始就接受编写安全代码的培训,并且需要为他们配备支持这些代码的工具和流程。
如果你想进一步了解加里·麦格劳和我本人如何看待这个行业的发展,请查看 银弹播客!
节目 139:Matias Madou 讨论安全开发培训和软件安全测试研究
https://www.synopsys.com/software-integrity/resources/podcasts/show-139.html
目录
Matias Madou, Ph.D. is a security expert, researcher, and CTO and co-founder of Secure Code Warrior. Matias obtained his Ph.D. in Application Security from Ghent University, focusing on static analysis solutions. He later joined Fortify in the US, where he realized that it was insufficient to solely detect code problems without aiding developers in writing secure code. This inspired him to develop products that assist developers, alleviate the burden of security, and exceed customers' expectations. When he is not at his desk as part of Team Awesome, he enjoys being on stage presenting at conferences including RSA Conference, BlackHat and DefCon.
Secure Code Warrior可以帮助您的组织在整个软件开发生命周期中保护代码,并营造一种将网络安全放在首位的文化。无论您是 AppSec 经理、开发人员、首席信息安全官还是任何与安全相关的人,我们都可以帮助您的组织降低与不安全代码相关的风险。
预订演示下载帮助您入门的资源
%20(1).avif)
.avif)
Threat Modeling with AI: Turning Every Developer into a Threat Modeler
Walk away better equipped to help developers combine threat modeling ideas and techniques with the AI tools they're already using to strengthen security, improve collaboration, and build more resilient software from the start.
